CWE-704 - Incorrect Type Conversion or Cast

Home/CWEs/CWE info/

CWE-704

Abstraction:
Class

Structure:
Simple

Status:
Incomplete

Weakness Name: Incorrect Type Conversion or Cast

Description: The product does not correctly convert an object, resource, or structure from one type to a different type.

Common Consequences: Scope: Other
Impact: Other

Related Weaknesses: CWE-664Improper Control of a Resource Through its Lifetime

Release Date:
2008-09-09

Latest Modification Date:
2024-02-29

Top Security News

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

Truist Bank confirms breach after stolen data shows up on hacking forum

Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)

Microsoft SharePoint RCE bug exploited to breach corporate network

CISA proposes new security requirements to protect govt, personal data

LiteSpeed Cache WordPress plugin bug lets hackers get admin access

DDoS site Dstat.cc seized and two suspects arrested in Germany

Google patches actively exploited Android vulnerability (CVE-2024-43093)

Common Alerts

HighServer Side Include

MediumCSP: Meta Policy Invalid Directive

LowTimestamp Disclosure - Unix

HighExternal Redirect

MediumCSP: script-src unsafe-inline

MediumHTTP Only Site

HighRemote Code Execution - Shell Shock

MediumX-ChromeLogger-Data (XCOLD) Header Information Leak

InformationalSec-Fetch-Dest Header is Missing

LowCookie with SameSite Attribute None

Latest CVE List

CVE-2024-8957 PTZOptics PT30X-SDI/NDI Cameras OS Command Injection Vulnerability

CVE-2024-8956 PTZOptics PT30X-SDI/NDI Cameras Authentication Bypass Vulnerability

CVE-2024-20481 Cisco ASA and FTD Denial-of-Service Vulnerability

CVE-2024-37383 RoundCube Webmail Cross-Site Scripting (XSS) Vulnerability

CVE-2024-47575 Fortinet FortiManager Missing Authentication Vulnerability

CVE-2024-38094 Microsoft SharePoint Deserialization Vulnerability

CVE-2024-9537 ScienceLogic SL1 Unspecified Vulnerability

CVE-2024-40711 Veeam Backup and Replication Deserialization Vulnerability

CVE-2024-30088 Microsoft Windows Kernel TOCTOU Race Condition Vulnerability

CVE-2024-9680 Mozilla Firefox Use-After-Free Vulnerability

Common CWEs

CWE-115 Misinterpretation of Input

CWE-1324 DEPRECATED: Sensitive Information Accessible by Physical Probing of JTAG Interface

CWE-1255 Comparison Logic is Vulnerable to Power Side-Channel Attacks

CWE-288 Authentication Bypass Using an Alternate Path or Channel

MediumCWE-776 Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')

MediumCWE-469 Use of Pointer Subtraction to Determine Size

CWE-474 Use of Function with Inconsistent Implementations

CWE-1242 Inclusion of Undocumented Features or Chicken Bits

CWE-1192 Improper Identifier for IP Block used in System-On-Chip (SOC)

CWE-920 Improper Restriction of Power Consumption

Free security scan for your website

Don't show website scan report rating on the leaderboard

CWE-704 - Incorrect Type Conversion or Cast

The product does not correctly convert an object, resource, or structure from one type to a different type.